Fortinet, a leading cybersecurity company, has confirmed a data breach involving a limited number of customers in the Asia-Pacific region. The company maintains that the incident was confined to a third-party cloud storage service and did not affect its core operations or products.
Fortinet’s Statement:
Fortinet acknowledges unauthorized access to a limited number of files on a third-party cloud drive. They claim this data breach only impacted a small percentage (less than 0.3%) of their customers and involved “limited data.” Fortinet has contacted affected customers and assures them there’s no evidence of malicious activity. The company emphasizes that no ransomware or encryption was involved, and no access to their core network was obtained.
Hacker’s Claims:
A hacker using the alias “Fortibitch” contradicts Fortinet’s statement. They claim to have stolen 440 GB of data from a Fortinet Azure SharePoint server and leaked it online. The hacker accuses Fortinet of ignoring ransom demands and questions why the company hasn’t made a public SEC filing.
Uncertainties Remain:
While Fortinet downplays the incident, the validity of the hacker’s claims regarding the size of the data breach remains unclear. Additionally, Fortinet hasn’t addressed the potential involvement of Australian government data or critical infrastructure, as reported by Australian media.
Fortinet has engaged a forensics firm to investigate the incident and has implemented measures to prevent similar events. The Australian National Office of Cyber Security is reportedly aware of the situation.
This incident highlights the risks associated with data migration during acquisitions, as the hacker claims the breach occurred during Fortinet’s recent acquisitions. It also raises concerns about the security of cloud storage services and the potential consequences of data breaches for cybersecurity companies themselves.